Abstract

The requirement of a language to be conditionally decomposable is imposed on a specification language in the coordination supervisory control framework of discrete-event systems. In this paper, we present a polynomial-time algorithm for the verification whether a language is conditionally decomposable with respect to given alphabets. Moreover, we also present a polynomial-time algorithm to extend the common alphabet so that the language becomes conditionally decomposable. A relationship of conditional decomposability to nonblockingness of modular discrete-event systems is also discussed in this paper in the general settings. It is shown that conditional decomposability is a weaker condition than nonblockingness.
1. Introduction

In the Ramadge-Wonham supervisory control framework, discrete-event systems are represented by deterministic finite automata. Given a specification language (usually also represented by a deterministic finite automaton), the aim of supervisory control is to construct a supervisor so that the closed-loop system satisfies the specification [1]. The theory is widely developed for the case where the system (plant) is monolithic. However, large engineering systems are typically constructed compositionally as a collection of many small components (subsystems) that are interconnected by rules; for instance, using a synchronous product or a communication protocol. This is especially true for discrete-event systems, where different local components run in parallel. Moreover, examples of supervisory control of modular discrete-event systems show that a coordinator is often necessary for achieving the required properties because the purely decentralized control architecture may fail in achieving these goals.

The notion of separability of a specification language has been introduced in [2], and says that a language $K$ over an alphabet $\bigcup_{i=1}^{n} E_i$, $n \ge 2$, is separable if $K = \|_{i=1}^{n} P_i(K)$, where for all $i = 1, 2, \ldots, n$, $P_i : (\bigcup_{j=1}^{n} E_j)^* \to E_i^*$ is a projection. A specification for a global system is separable if it can be represented (is fully determined) by local specifications for the component subsystems. It is very closely related to the notion of decomposability introduced in [3, 4] for decentralized discrete-event systems, which is also further studied in, e.g., 0. Decomposability is a slightly more general condition because it involves not only the specification, but also the plant language, that is, a language $K \subseteq L$ over an alphabet $\bigcup_{i=1}^{n} E_i$, $n \ge 2$, is decomposable with respect to a plant language $L$ if $K = \|_{i=1}^{n} P_i(K) \| L$: separability is then decomposability where $L = (\bigcup_{i=1}^{n} E_i)^*$ is the set of all strings over the global alphabet. In this paper, we slightly abuse the terminology and call a separable language in the sense of [2] also decomposable. It has been shown in [2] that decomposability is important because it is computationally cheaper to compute locally synthesized supervisors that constitute a solution of the supervisory control problem for this decomposable specification. Recently, the notion of decomposability has also been extended to automata as an automaton decomposability in, e.g., 0.
However, the assumption that a specification language is decomposable is too restrictive. Therefore, several authors have tried to find alternative techniques for general indecomposable specification languages; for instance, the approach of [7] based on partial controllability, which requires that all shared events are controllable, or the shared events must have the same controllability status (but then an additional condition of so-called mutual controllability [8] is needed).

In this paper, we study a weaker version of decomposability, so-called conditional decomposability, which has recently been introduced in [9] and studied in [10, 11] in the context of coordination supervisory control of discrete-event systems. It is defined as decomposability with respect to local alphabets augmented by the coordinator alphabet. The word conditional means that although a language is not decomposable with respect to the original local alphabets, it becomes decomposable with respect to the augmented ones, i.e., decomposability is only guaranteed (conditioned) by local event set extensions by coordinator events.

In the coordination control approach of modular discrete-event systems, the plant is formed as a parallel composition of two or more subsystems, while the specification language is represented over the global alphabet. Therefore, the property of conditional decomposability is required in this approach to distribute parts of the specification to the corresponding components to solve the problem locally. More specifically, we need to ensure that there exists a corresponding part of the specification for the coordinator and for each subsystem composed with the coordinator. Thus, if the specification is conditionally decomposable, we can take this decomposition as the corresponding parts for the subsystems composed with a coordinator and solve the problem locally.

Conditional decomposability depends on the alphabet of the coordinator, which can always be extended so that the specification is conditionally decomposable. In the worst (but unlikely) case all events must be put into the coordinator alphabet to make a language conditionally decomposable. But in the case when the coordinator alphabet would be too large it is better to divide the local subsystems into groups that are only loosely coupled and introduce several coordinators on smaller alphabets. In this paper, a polynomial-time algorithm is provided for the verification whether a language is conditionally decomposable. We make an important observation that the algorithm is linear in the number of local alphabets, while algorithms for checking similar properties (such as decomposability and coobservability) suffer from the exponential-time complexity with respect to the number of local alphabets. This algorithm is then modified so that it extends the coordinator alphabet to make the specification language conditionally decomposable. Furthermore, we discuss a relationship of conditional decomposability to nonblockingness of a coordinated system, where a coordinated system is understood as a modular system composed of two or more subsystems and a coordinator.

Finally, since one of the central notions of this paper is the notion of a (natural) projection, the reader is referred to [12] for more information on the state complexity of projected regular languages.

The rest of this paper is organized as follows. In Section 2, basic definitions and concepts of automata theory and discrete-event systems are recalled. In Section 3, a polynomial-time algorithm for testing conditional decomposability for a general monolithic system is presented. In Section 4, this algorithm is modified to extend the coordinator alphabet so that the specification becomes conditionally decomposable. In Section 5, the relation of nonblockingness of a coordinated system with conditional decomposability is discussed. The conclusion with hints for future developments is presented in Section 6.

2. Preliminaries and definitions 

In this paper, we assume that the reader is familiar with the basic concepts of supervisory control theory fPUl and automata theory [14]. For an alphabet $E$, defined as a finite nonempty set, $E^*$ denotes the free monoid generated by $E$, where the unit of $E^*$, the empty string, is denoted by $\varepsilon$. A language over $E$ is a subset of $E^*$. A prefix closure $\overline{L}$ of a language $L \subseteq E^*$ is the set of all prefixes of all words of $L$, i.e., it is defined as the set $\overline{L} = \{w \in E^* \mid \exists u \in E^* : wu \in L\}$. A language $L$ is said to be prefix-closed if $L = \overline{L}$.

In this paper, the notion of a generator is used to denote an incomplete deterministic finite automaton. A generator is a quintuple $G = (Q, E, \delta, q_0, F)$, where $Q$ is a finite set of states, $E$ is an input alphabet, $\delta : Q \times E \to Q$ is a partial transition function, $q_0 \in Q$ is the initial state, and $F \subseteq Q$ is the set of final or marked states. In the usual way, $\delta$ is inductively extended to a function from $Q \times E^*$ to $Q$. The language generated by $G$ is defined as the set $L(G) = \{w \in E^* \mid \delta(q_0, w) \in Q\}$, and the language marked by $G$ is defined as the set $L_m(G) = \{w \in E^* \mid \delta(q_0, w) \in F\}$. Moreover, we use the predicate $\delta(q, a)!$ to denote that the transition $\delta(q, a)$ is defined in state $q \in Q$ for event $a \in E$.

For a generator $G$, let $\mathrm{trim}(G)$ denote the trim of $G$, that is, a generator $\mathrm{trim}(G)$ such that $\overline{L_m(\mathrm{trim}(G))} = L(\mathrm{trim}(G)) = \overline{L_m(G)}$. In other words, all reachable states of $G$ from which no marked state is reachable are removed (including the corresponding transitions), and only reachable states are considered in $\mathrm{trim}(G)$, see [13, 15]. A generator $G$ is said to be nonblocking if $\overline{L_m(G)} = L(G)$. Thus, $\mathrm{trim}(G)$ is always nonblocking.

A (natural) projection $P : E^* \to E_0^*$, where $E_0 \subseteq E$ are alphabets, is a homomorphism defined so that $P(a) = \varepsilon$, for $a \in E \setminus E_0$, and $P(a) = a$, for $a \in E_0$. The inverse image of the projection $P$, denoted by $P^{-1} : E_0^* \to 2^{E^*}$, is defined so that for a language $L$ over the alphabet $E_0$, the set $P^{-1}(L) = \{s \in E^* \mid P(s) \in L\}$. In what follows, we use the notation $P^{i}_{j}$ to denote the projection from $E_i$ to $E_j$, that is, $P^{i}_{j} : E_i^* \to E_j^*$. In addition, we use the notation $E_{i+j} = E_i \cup E_j$, and, thus, $P^{i+j}_{k}$ denotes the projection from $E_{i+j}$ to $E_k$. If the projection is from the union of all the alphabets, then we simply use the notation $P_i : (\bigcup_j E_j)^* \to E_i^*$.

Let $L_1 \subseteq E_1^*$ and $L_2 \subseteq E_2^*$ be two languages. The parallel composition of $L_1$ and $L_2$ is defined as the language

$$L_1 \| L_2 = P_1^{-1}(L_1) \cap P_2^{-1}(L_2),$$

where $P_1 : (E_1 \cup E_2)^* \to E_1^*$ and $P_2 : (E_1 \cup E_2)^* \to E_2^*$. A similar definition in terms of generators follows. Let $G_1 = (X_1, E_1, \delta_1, x_{01}, F_1)$ and $G_2 = (X_2, E_2, \delta_2, x_{02}, F_2)$ be two generators. The parallel composition of $G_1$ and $G_2$ is the generator $G_1 \| G_2$ defined as the accessible part of the generator $(X_1 \times X_2, E_1 \cup E_2, \delta, (x_{01}, x_{02}), F_1 \times F_2)$, where

$$\delta((x, y), e) = \begin{cases} (\delta_1(x, e), \delta_2(y, e)), & \text{if } \delta_1(x, e)! \text{ and } \delta_2(y, e)!; \\ (\delta_1(x, e), y), & \text{if } \delta_1(x, e)! \text{ and } e \notin E_2; \\ (x, \delta_2(y, e)), & \text{if } e \notin E_1 \text{ and } \delta_2(y, e)!; \\ \text{undefined}, & \text{otherwise.} \end{cases}$$

The automata definition is related to the language definition by the following properties: $L(G_1 \| G_2) = L(G_1) \| L(G_2)$ and $L_m(G_1 \| G_2) = L_m(G_1) \| L_m(G_2)$, see (H.

The automata-theoretic concept of nonblockingness of a composition of two generators $G_1$ and $G_2$ is equivalent to the language-theoretic concept of nonconflictness of two languages $L_m(G_1)$ and $L_m(G_2)$ if the generators $G_1$ and $G_2$ are nonblocking. Recall that two languages $L_1$ and $L_2$ are nonconflicting if $\overline{L_1 \| L_2} = \overline{L_1} \| \overline{L_2}$, cf. [15, 16, 17].

Let $G$ be a generator and $P$ be a projection, then $P(G)$ denotes the minimal generator such that $L_m(P(G)) = P(L_m(G))$ and $L(P(G)) = P(L(G))$. For a construction of $P(G)$, the reader is referred to IfLUfBI.

Now, the main concept of interest of this paper, the concept of conditional decomposability, is defined. See also [9, 10, 11, 18] for the applications and further discussion concerning this concept.

Definition 1 (Conditional decomposability). A language $K$ over an alphabet $E_1 \cup E_2 \cup \ldots \cup E_n$, $n \ge 2$, is said to be conditionally decomposable with respect to $E_1, E_2, \ldots, E_n$, and $E_k$, where $\bigcup_{i \neq j \in \{1, 2, \ldots, n\}} (E_i \cap E_j) \subseteq E_k \subseteq \bigcup_{j=1}^{n} E_j$, if

$$K = P_{1+k}(K) \| P_{2+k}(K) \| \ldots \| P_{n+k}(K).$$

Recall that $P_{i+k}$ denotes the projection from $\bigcup_{j=1}^{n} E_j$ to $E_{i+k}$.

Note that $\|_{i=1}^{n} P_{i+k}(K) = (\|_{i=1}^{n} P_{i+k}(K)) \| P_k(K)$ because $P_{i+k}(K) \subseteq (P^{i+k}_{k})^{-1}(P_k(K))$, which follows from the fact that $P^{i+k}_{k} P_{i+k}(K) = P_k(K)$. Hence, $\|_{i=1}^{n} P_{i+k}(K) \subseteq P_k^{-1} P_k(K)$. Moreover, if the language $K$ is given as a parallel composition of $n$ languages (over the required alphabets), then it is conditionally decomposable.

Lemma 2. A language $K \subseteq (E_1 \cup E_2 \cup \ldots \cup E_n)^*$ is conditionally decomposable with respect to alphabets $E_1, E_2, \ldots, E_n, E_k$ if and only if there exist languages $M_{i+k} \subseteq E_{i+k}^*$, $i = 1, 2, \ldots, n$, such that $K = \|_{i=1}^{n} M_{i+k}$.

Proof. If $K = \|_{i=1}^{n} P_{i+k}(K)$, define $M_{i+k} = P_{i+k}(K)$, for $i = 1, 2, \ldots, n$. On the other hand, assume that there exist languages $M_{i+k} \subseteq E_{i+k}^*$, $i = 1, 2, \ldots, n$, such that $K = \|_{i=1}^{n} M_{i+k}$. Obviously, $P_{i+k}(K) \subseteq M_{i+k}$, $i = 1, 2, \ldots, n$, which implies that $\|_{i=1}^{n} P_{i+k}(K) \subseteq K$. As it always holds that $K \subseteq P_{i+k}^{-1}[P_{i+k}(K)]$, the definition of the synchronous product implies that $K \subseteq \|_{i=1}^{n} P_{i+k}(K)$. □

Note that $K = \|_{i=1}^{n} M_{i+k}$ implies that the languages $P_{i+k}(K) \subseteq M_{i+k}$, for $i = 1, 2, \ldots, n$, which means that $P_{i+k}(K)$ are the smallest languages whose parallel composition results in $K$. In other words, if $K$ is conditionally decomposable, then $P_{i+k}(K)$, $i = 1, 2, \ldots, n$, is the smallest decomposition of $K$ with respect to the corresponding alphabets.
3. Polynomial Test of Conditional Decomposability

In this section, we first construct a polynomial-time algorithm for the verification of conditional decomposability for alphabets $E_1$, $E_2$, and $E_k$, that is, for the case $n = 2$, and then show how this is used to verify conditional decomposability for a general $n \ge 2$. To this end, consider a language $L$ over $E_1 \cup E_2$, marked by a generator $G$. To verify whether or not $L$ is conditionally decomposable with respect to $E_1$, $E_2$, and $E_k$, we construct a new structure as a parallel composition of two copies of $G$, denoted $f_{i+k}(G)$, for $i = 1, 2$ (see Example 3 and Figure 2), that simultaneously verifies that each word of $P_{1+k}(L) \| P_{2+k}(L)$ also belongs to $L = L_m(G)$; $f_{i+k}(G)$ is constructed from the generator $G$ by renaming each event $e \in E_{j-k} = E_j \setminus E_k$, $j \neq i$, by a new event $\tilde{e} \in \tilde{E}_{j-k}$. In other words, each event $e$ which is not observed by $G$ according to the observable alphabet $E_i \cup E_k$ is replaced with a new event. Thus, the copy $f_{i+k}(G)$ is over the alphabet $E_{i+k} \cup \tilde{E}_{j-k}$, as demonstrated in the following example.

Example 3. Consider the language $L_m(G)$ marked by the generator $G$ depicted in Figure 1(a), where the corresponding alphabets are $E_1 = \{a, b, d\}$, $E_2 = \{a, c, d\}$, and $E_k = \{a, d\}$. The isomorphic generators $f_{1+k}(G)$ with renamed event $c$, and $f_{2+k}(G)$ with renamed event $b$ are depicted in Figure 1(b) and Figure 1(c), respectively. $\diamond$

Figure 1: Generators $G$, $f_{1+k}(G)$ and $f_{2+k}(G)$. (a) Generator $G$. (b) Generator $f_{1+k}(G)$. (c) Generator $f_{2+k}(G)$.



More specifically, let $E_1$, $E_2$, $E_k$ be alphabets such that $E_1 \cap E_2 \subseteq E_k \subseteq E_1 \cup E_2$, and define the global alphabet $E = E_1 \cup E_2$. The structure is constructed as follows:

1. For the alphabet $E_i \setminus E_k$, where $i = 1, 2$, introduce a new alphabet $\tilde{E}_{i-k} = \{\tilde{a} \mid a \in E_i \setminus E_k\}$ that for each event $a \in E_i \setminus E_k$ contains a new event $\tilde{a}$. That is, $\tilde{E}_{i-k} \cap (E_i \setminus E_k) = \emptyset$ and there exists a bijection $g_{i-k}$ from $(E_i \setminus E_k)$ to $\tilde{E}_{i-k}$ such that $g_{i-k}(a) = \tilde{a}$. Note that $\tilde{E}_{1-k} \cap \tilde{E}_{2-k} = \emptyset$ because $E_1 \cap E_2 \subseteq E_k$.

2. Recall that $E_{i+k} = E_i \cup E_k$, for $i = 1, 2$, and let $P : (E \cup \tilde{E}_{1-k} \cup \tilde{E}_{2-k})^* \to E^*$ be a projection.

3. Define two isomorphisms $f_{i+k} : E^* \to (E_{i+k} \cup \tilde{E}_{j-k})^*$, where $i, j \in \{1, 2\}$, $i \neq j$, so that

$$f_{i+k}(a) = \begin{cases} a, & \text{for } a \in E_{i+k}; \\ \tilde{a}, & \text{for } a \in E_j \setminus E_k. \end{cases}$$

Note that it immediately follows that $P(f_{i+k}(L_m(G))) = P_{i+k}(L_m(G))$ because both projections remove all events that are not in $E_{i+k}$.

4. For a generator $G = (Q, E, \delta, q_0, F)$, we abuse the notation and denote by $f_{i+k}(G) = (Q, E_{i+k} \cup \tilde{E}_{j-k}, \tilde{\delta}, q_0, F)$, where $j \neq i$, the generator isomorphic with $G$ where events are renamed according to the isomorphism $f_{i+k}$ and the transition function $\tilde{\delta}$ is defined as $\tilde{\delta}(q, f_{i+k}(a)) = \delta(q, a)$.

5. Let $L \subseteq E^*$ be a language generated by a minimal generator $G$, and define the generator

$$\tilde{G} = f_{1+k}(G) \| f_{2+k}(G)$$

over the alphabet $E \cup \tilde{E}_{1-k} \cup \tilde{E}_{2-k}$. By the definition of $\tilde{G}$, the assumption that $E_1 \cap E_2 \subseteq E_k$, which ensures that $P$ distributes over the synchronous product (see Lemma 4 below), and Step 3 above, respectively, we have that

$$\begin{aligned} P(L_m(\tilde{G})) &= P(f_{1+k}(L_m(G)) \| f_{2+k}(L_m(G))) \\ &= P(f_{1+k}(L_m(G))) \| P(f_{2+k}(L_m(G))) \qquad (1) \\ &= P_{1+k}(L_m(G)) \| P_{2+k}(L_m(G)). \end{aligned}$$
Lemma 4 ([15]). Let $E_1 \cap E_2 \subseteq E_k \subseteq E_1 \cup E_2$, and let $L_1 \subseteq E_1^*$ and $L_2 \subseteq E_2^*$ be languages. Let $P_k : (E_1 \cup E_2)^* \to E_k^*$ be a projection, then $P_k(L_1 \| L_2) = P_k(L_1) \| P_k(L_2)$.

From the equations of (1), we immediately have the following result for conditional decomposability.

Theorem 5. The language $L_m(G)$ is conditionally decomposable with respect to alphabets $E_1$, $E_2$, $E_k$ if and only if it holds that $P(L_m(\tilde{G})) = L_m(G)$.

Proof. The proof follows immediately from the definition of conditional decomposability and (1). □

However, the inclusion $L_m(G) \subseteq P_{1+k}(L_m(G)) \| P_{2+k}(L_m(G)) = P(L_m(\tilde{G}))$ always holds. Thus, only the opposite inclusion is of interest. This inclusion, $P(L_m(\tilde{G})) \subseteq L_m(G)$, holds if and only if $L_m(\tilde{G}) \subseteq P^{-1}(L_m(G))$, which gives the following key theorem for testing conditional decomposability.

Theorem 6. The language $L_m(G)$ is conditionally decomposable with respect to alphabets $E_1$, $E_2$, $E_k$ if and only if the inclusion $L_m(\tilde{G}) \subseteq P^{-1}(L_m(G))$ holds.

Proof. It remains to prove that $P(L_m(\tilde{G})) \subseteq L_m(G)$ if and only if $L_m(\tilde{G}) \subseteq P^{-1}(L_m(G))$. However, if $P(L_m(\tilde{G})) \subseteq L_m(G)$, then $L_m(\tilde{G}) \subseteq P^{-1}P(L_m(\tilde{G})) \subseteq P^{-1}(L_m(G))$. On the other hand, assume that $L_m(\tilde{G}) \subseteq P^{-1}(L_m(G))$. Then, $P(L_m(\tilde{G})) \subseteq PP^{-1}(L_m(G)) = L_m(G)$. □

The verification of this inclusion results in Algorithm 1 for checking conditional decomposability of two components in polynomial time. Let a language $L$ be represented by the minimal generator $G = (Q, E, \delta, q_0, F)$ with the complete (total) transition function $\delta$ such that $L_m(G) = L$. If the transition function is not complete, the generator can be completed in time $O(|E| \cdot |Q|)$ by adding no more than one non-marked state and the missing transitions. Assume that the alphabets $E_1$, $E_2$, and $E_k$ are such that $E_1 \cap E_2 \subseteq E_k \subseteq E_1 \cup E_2 = E$, and see Algorithm 1.

Algorithm 1 Conditional decomposability checking.

 1: function IsCD($G$, $E_1 \cup E_2$, $E_k$)
 2:   Compute $\tilde{G}$    ▷ $O(|E| \cdot |Q|^2)$.
 3:   Compute $P^{-1}(L_m(G))$    ▷ $O(|E| \cdot |Q|)$.
 4:   Compute complement $co(P^{-1}(L_m(G)))$    ▷ $O(|Q|)$.
 5:   if $co(P^{-1}(L_m(G))) \cap L_m(\tilde{G}) = \emptyset$ then    ▷ $O(|E| \cdot |Q|^3)$.
 6:     return $L_m(G)$ is CD.
 7:   else
 8:     return $L_m(G)$ is not CD.
 9:   end if
10: end function

To determine the time complexity of the algorithm, note that the computation is dominated by step 5, and thus the overall time complexity can be stated as $O(|E| \cdot |Q|^3)$. This also means that the space complexity is polynomial with respect to the number of states of the input generator $G$ because we do not need to use more space than $O(|E| \cdot |Q|^3)$. The complexities of the individual steps of the algorithm are computed as follows. Step 2 is a parallel composition of two copies of $G$, which requires creating up to $|Q|^2$ states of the generator $\tilde{G}$, and for each of these states up to $|E|$ transitions. Step 3 requires up to $|E| \cdot |Q|$ steps because in each state, we have to add self-loops labeled by the new symbols from $\tilde{E}_{1-k} \cup \tilde{E}_{2-k}$. The complement in Step 4 is computed by interchanging the marking of states, cf. [19]. That is, marked states are unmarked and vice versa. As $G$ is complete, this results in a generator for the complement. Note that Steps 3 and 4 can be done at the same time. Finally, to decide the emptiness in Step 5 requires up to $|Q|^2 \cdot |Q|$ states using a standard product automaton, see [19], where for each state, up to $|E|$ transitions are constructed, and is verified by the reachability of a final state by the depth-first-search procedure in linear time [20]. Note also that it is a longstanding open problem whether the emptiness of intersection of two regular languages generated by generators with $m_1$ and $m_2$ states, respectively, can be decided in time $o(m_1 \cdot m_2)$, cf. ED. If this is possible, then the complexity of our algorithm can be improved accordingly.

We demonstrate our approach in the following example.
Example 7. Consider the language $L_m(G)$ marked by the generator $G$ depicted in Figure 1(a), where the corresponding alphabets are $E_1 = \{a, b, d\}$, $E_2 = \{a, c, d\}$, and $E_k = \{a, d\}$. The isomorphic generators $f_{1+k}(G)$ with renamed event $c$, and $f_{2+k}(G)$ with renamed event $b$ are depicted in Figure 1(b) and Figure 1(c), respectively. Their parallel composition $\tilde{G}$ is shown in Figure 2. It is obvious that the string "cacb" belongs to the language $L_m(\tilde{G})$, whereas it does not belong to the language $P^{-1}(L_m(G))$. Thus, by Theorem 6, the language $L_m(G)$ is not conditionally decomposable with respect to alphabets $E_1$, $E_2$, $E_k$. $\diamond$

Figure 2: Generator $\tilde{G} = f_{1+k}(G) \| f_{2+k}(G)$ with a highlighted word violating conditional decomposability of the language $L_m(G)$.

Now, we generalize this approach to verifying conditional decomposability for a general number of $n \ge 2$ alphabets. The following theorem proves that we can directly use Algorithm 1.

Theorem 8. Let $K$ be a language, and let $E_i$, for $i = 1, 2, \ldots, n$, $n \ge 2$, and $E_k$ be alphabets such that $\bigcup_{i \neq j} (E_i \cap E_j) \subseteq E_k \subseteq \bigcup_{j=1}^{n} E_j$. Then, $P_{i+k}(K) \| P_{1+2+\ldots+(i-1)+(i+1)+\ldots+n+k}(K) \subseteq K$, for all $i = 1, 2, \ldots, n$, if and only if $K$ is conditionally decomposable with respect to alphabets $E_i$, $i = 1, 2, \ldots, n$, and $E_k$.

Proof. First, $P_{1+2+\ldots+(i-1)+(i+1)+\ldots+n+k}(K) \subseteq P_{1+k}(K) \| P_{2+k}(K) \| \ldots \| P_{(i-1)+k}(K) \| P_{(i+1)+k}(K) \| \ldots \| P_{n+k}(K)$ because for all $i \in \{1, 2, \ldots, n\}$, we have $P_{i+k}(P_{1+2+\ldots+(i-1)+(i+1)+\ldots+n+k}(K)) = P_{i+k}(K)$. Thus, if $K$ is conditionally decomposable, then $P_{i+k}(K) \| P_{1+2+\ldots+(i-1)+(i+1)+\ldots+n+k}(K) \subseteq P_{i+k}(K) \| P_{1+k}(K) \| \ldots \| P_{(i-1)+k}(K) \| P_{(i+1)+k}(K) \| \ldots \| P_{n+k}(K) = K$, for all $i = 1, 2, \ldots, n$.

To prove the opposite implication, assume that $K$ is not conditionally decomposable. Then there exist $t_i = P_{i+k}(w_i)$, for some $w_i \in K$ and for all $i = 1, 2, \ldots, n$, such that $t_1 \| t_2 \| \ldots \| t_n \not\subseteq K$. We prove by induction on $i = 1, 2, \ldots, n-1$ that

$$\{t_i\} \| \{t_{i-1}\} \| \ldots \| \{t_2\} \| \{t_1\} \| P_{(i+1)+(i+2)+\ldots+n+k}(w_n) \subseteq K. \qquad (2)$$

For $i = 1$ and by the assumption, $\{t_1\} \| P_{2+3+\ldots+n+k}(w_n) \subseteq P_{1+k}(K) \| P_{2+3+\ldots+n+k}(K) \subseteq K$. Thus, we assume that it holds for all $i = 1, 2, \ldots, \ell$, $\ell < n-1$, and we prove it for $i = \ell+1$. By the induction hypothesis, $\{t_\ell\} \| \{t_{\ell-1}\} \| \ldots \| \{t_2\} \| \{t_1\} \| P_{(\ell+1)+(\ell+2)+\ldots+n+k}(w_n) \subseteq K$. Then, using the projection $P_{1+2+\ldots+\ell+(\ell+2)+\ldots+n+k}$, we get that

$$P_{1+2+\ldots+\ell+(\ell+2)+\ldots+n+k}(\{t_\ell\} \| \{t_{\ell-1}\} \| \ldots \| \{t_2\} \| \{t_1\} \| P_{(\ell+1)+(\ell+2)+\ldots+n+k}(w_n)) \subseteq P_{1+2+\ldots+\ell+(\ell+2)+\ldots+n+k}(K)$$

and, by Lemma 4, we get that $P_{1+2+\ldots+\ell+(\ell+2)+\ldots+n+k}(\{t_\ell\} \| \{t_{\ell-1}\} \| \ldots \| \{t_2\} \| \{t_1\} \| P_{(\ell+1)+(\ell+2)+\ldots+n+k}(w_n)) = \{t_\ell\} \| \{t_{\ell-1}\} \| \ldots \| \{t_2\} \| \{t_1\} \| P_{(\ell+2)+\ldots+n+k}(w_n)$. By this equality and the assumption for $i = \ell+1$, we have

$$\begin{aligned} \{t_{\ell+1}\} \| \{t_\ell\} \| \{t_{\ell-1}\} \| \ldots \| \{t_2\} \| \{t_1\} \| P_{(\ell+2)+\ldots+n+k}(w_n) &\subseteq P_{(\ell+1)+k}(K) \| P_{1+2+\ldots+\ell+(\ell+2)+\ldots+n+k}(K) \\ &\subseteq K \end{aligned}$$

as claimed. Then, substituting $i = n-1$ to (2), we immediately have that $\{t_{n-1}\} \| \{t_{n-2}\} \| \ldots \| \{t_2\} \| \{t_1\} \| P_{n+k}(w_n) \subseteq K$, which together with $P_{n+k}(w_n) = t_n$ implies that $\{t_{n-1}\} \| \{t_{n-2}\} \| \ldots \| \{t_2\} \| \{t_1\} \| \{t_n\} \subseteq K$, which is a contradiction. Thus, $K$ is conditionally decomposable. □

The previous theorem says that we can check conditional decomposability of a language $K$ by $n$ executions of Algorithm 1. This means that the overall complexity of verifying conditional decomposability for a general number of alphabets, $n \ge 2$, is $O(n \cdot |E| \cdot |Q|^3)$, which is polynomial with respect to the number of states and the number of components.

To conclude this section, note that an example of an $r$-state automaton with $|E| = 4$ and a projection reaching the exponential upper bound on the number of states, more precisely the upper bound $3 \cdot 2^{r-2} - 1$, has been shown in [22]. Thus, the approach following the definition of conditional decomposability computing projections and parallel composition is exponential for that language even for the case of two alphabets. In comparison, the complexity of our algorithm is polynomial. A preliminary version of this algorithm has been implemented in libFAUDES [23].
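
The two-alphabet test of Algorithm 1 and its $n$-fold use from Theorem 8 can be written out in Python as follows. This is an added example, not code from the paper or from libFAUDES: the dictionary encoding of a generator, the function names and the sample generator are assumptions made here, and the product of the two renamed copies with $G$ is explored on the fly instead of building the complement automaton explicitly.

```python
from collections import deque


def pair_violation(G, E_i, E_rest, E_k):
    """Two-alphabet test (Theorem 6). Explores the product of the composed
    renamed copies f_{i+k}(G) || f_{rest+k}(G) with G, where G ignores the
    renamed events. Returns None if every word marked by the composition
    projects into L_m(G); otherwise returns the projected word L_m(G) lacks.
    Assumes G is deterministic and that no state is labelled None."""
    if not (E_i & E_rest <= E_k <= E_i | E_rest):
        raise ValueError("need (E_i & E_rest) <= E_k <= (E_i | E_rest)")
    delta, marked = G["delta"], G["marked"]
    # Each move: (event of G, copy 1 moves?, copy 2 moves?, visible to G?)
    moves = []
    for a in sorted(E_i | E_rest):
        if a in E_k:                                 # coordinator event: all synchronise
            moves.append((a, True, True, True))
        elif a in E_i:                               # private to side i
            moves.append((a, True, False, True))     # original name, kept in copy 1
            moves.append((a, False, True, False))    # renamed twin, lives in copy 2
        else:                                        # private to the other side
            moves.append((a, False, True, True))     # original name, kept in copy 2
            moves.append((a, True, False, False))    # renamed twin, lives in copy 1
    start = (G["init"],) * 3
    seen, queue = {start}, deque([(start, ())])
    while queue:
        (q1, q2, q), word = queue.popleft()
        if q1 in marked and q2 in marked and q not in marked:
            return word                              # marked by the composition, not by G
        for a, m1, m2, visible in moves:
            n1 = delta.get((q1, a)) if m1 else q1
            n2 = delta.get((q2, a)) if m2 else q2
            if n1 is None or n2 is None:
                continue                             # the composition cannot take this step
            # G follows only the non-renamed events; None plays the role of the
            # dead state that completing G's transition function would add.
            n = delta.get((q, a)) if visible else q
            state = (n1, n2, n)
            if state not in seen:
                seen.add(state)
                queue.append((state, word + (a,) if visible else word))
    return None


def is_conditionally_decomposable(G, alphabets, E_k):
    """Theorem 8: one two-alphabet test per component, E_i against the union
    of all other local alphabets. Returns (True, None) or (False, witness)."""
    E_k = set(E_k)
    for i, E_i in enumerate(alphabets):
        rest = set().union(*(E for j, E in enumerate(alphabets) if j != i))
        witness = pair_violation(G, set(E_i), rest, E_k)
        if witness is not None:
            return False, witness
    return True, None


# Constructed sample (not the generator of the paper's figures): G marks only
# the word "abcd"; the alphabets are the ones used in the paper's examples.
G = {"init": 0, "marked": {4},
     "delta": {(0, "a"): 1, (1, "b"): 2, (2, "c"): 3, (3, "d"): 4}}
E1, E2, EK = {"a", "b", "d"}, {"a", "c", "d"}, {"a", "d"}

if __name__ == "__main__":
    print(is_conditionally_decomposable(G, [E1, E2], EK))
    print(is_conditionally_decomposable(G, [E1, E2], EK | {"b"}))
```

For the sample, the witness is the interleaving that the two projections allow but the language does not contain; adding `b` to the coordinator alphabet removes it.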

4. Extension of the coordinator alphabet 

According to Theorem 8, we can again consider only the case $n = 2$. To compute an extension of $E_k$ so that the language becomes conditionally decomposable, we modify Algorithm 1 to Algorithm 2, which uses more structural properties of the structure $\tilde{G}$. First, however, we explain the technique on an example.

Figure 3: Generator $\tilde{G}$ with the corresponding states of $\tilde{G} \times G$. Note that transitions $\delta(5, b)$ and $\delta(6, b)$ are not defined in $G$, and, therefore, they violate conditional decomposability of the language $L_m(G)$.

Example 9. Consider the generators $G$ and $\tilde{G}$ of Examples 3 and 7. The main idea of this technique is to construct, step-by-step, the parallel composition of $\tilde{G}$ and $G$, and to verify that all the steps possible in $\tilde{G}$ are also possible in $G$. In Figure 3, $\tilde{G}$ is extended with the states of $G$, written in the states of $\tilde{G}$. Note that after reading the string $ca$, the generator $\tilde{G}$ is in a state from which $b$ can be read, but $G$ being in state 5 can read only $c$. Because of this symbol $b$, the language $L_m(G)$ is not conditionally decomposable. The reader can verify that adding $b$ to $E_k$ results in the situation where $L_m(G)$ is conditionally decomposable with respect to $E_1$, $E_2$, and $E_k \cup \{b\}$. $\diamond$

Let a language $L$ be represented by the minimal generator $G = (Q, E, \delta, q_0, F)$ with the total transition function $\delta$ such that $L_m(G) = L$. Assume that alphabets $E_1$, $E_2$, $E_k$ satisfy $E_1 \cap E_2 \subseteq E_k \subseteq E_1 \cup E_2 = E$, and see Algorithm 2.

Algorithm 2 Extension of $E_k$.

 1: procedure Extension($G$, $E_1$, $E_2$, $E_k$)
 2:   Compute $\tilde{G}$
 3:   Compute $\mathrm{trim}(\tilde{G})$    ▷ Now, we compute, step-by-step, the generator $H$ for $\mathrm{trim}(\tilde{G}) \| G$.
 4:   Set $Q_H = \{((q_{0,1}, q_{0,2}), q_0)\}$, a pair of initial states of $\tilde{G}$ and $G$    ▷ The initial state of $H$.
 5:   for all $((q_1, q_2), q) \in Q_H$ do
 6:     for all $a \in E \cup \tilde{E}_{1-k} \cup \tilde{E}_{2-k}$ do
 7:       if $a \in \tilde{E}_{1-k} \cup \tilde{E}_{2-k}$ and $\delta_{\tilde{G}}((q_1, q_2), a)!$ then
 8:         $\delta_H(((q_1, q_2), q), a) = (\delta_{\tilde{G}}((q_1, q_2), a), q)$
 9:       end if
10:       if $a \in E$ and $\delta_{\tilde{G}}((q_1, q_2), a)!$ then
11:         if $\delta(q, a)!$ then
12:           $\delta_H(((q_1, q_2), q), a) = (\delta_{\tilde{G}}((q_1, q_2), a), \delta(q, a))$
13:         else
14:           $E_k = E_k \cup \{a\}$    ▷ Event $a$ is allowed in $\tilde{G}$, but not in $G$. Adding it to $E_k$ solves this problem.
15:           Restart the procedure with the updated set $E_k$.
16:         end if
17:       end if
18:     end for
19:   end for
20:   return $E_k$.
21: end procedure

To prove that the algorithm is correct, note that it computes $L_m(\tilde{G}) \cap P^{-1}(L_m(G))$ because $L_m(\tilde{G}) = L_m(\mathrm{trim}(\tilde{G}))$. If the condition on line 11 is always satisfied, it means that $L_m(\tilde{G}) \cap P^{-1}(L_m(G)) = L_m(\tilde{G})$. In other words, $L_m(\tilde{G}) \subseteq P^{-1}(L_m(G))$, which means by Theorem 6 that $L_m(G)$ is conditionally decomposable. On the other hand, if the condition on line 11 is not satisfied, there exists a string $s \in L(\mathrm{trim}(\tilde{G})) = \overline{L_m(\tilde{G})}$ such that $P(s) \notin L(G) = \overline{L_m(G)}$, where the last equality follows from the assumption that $G$ is minimal. This implies that $P(L_m(\tilde{G})) \not\subseteq L_m(G)$, hence $L_m(G)$ is not conditionally decomposable by Theorem 5. The algorithm halts because we have only a finite number of events to be added to $E_k$, and the language is conditionally decomposable for $E_k = E_1 \cup E_2$.

The complexity of this algorithm is $O(|E|^2 \cdot |Q|^3)$, which follows from the complexity of Algorithm 1 and the fact that, in the worst case, we have to run the algorithm $|E|$ times. Note that the resulting extension depends on the order in which the states of $\tilde{G}$ and $G$ are examined. It should be clear that, in general, there might be different extensions (with respect to set inclusion) that correspond to different orders. This is a typical issue with algorithms extending the event sets in such a way that a particular property becomes true. There are examples where the algorithm does not construct the minimal possible extension. Therefore, the fundamental question is what is the complexity of constructing the minimal extension of $E_k$?
5. Relationship of nonblockingness of coordinated systems to conditional decomposability

In this section, we study the relation between conditional decomposability and nonblockingness of coordinated discrete-event systems. A coordinated modular discrete-event system is a system composed (by parallel composition) of two or more subsystems. In this section, we consider the case of one central coordinator. Let $n \ge 2$, and let $G_i$, $i = 1, 2, \ldots, n$, be generators over the respective alphabets $E_i$, $i = 1, 2, \ldots, n$. The coordinated system $G$ is defined as $G = G_1 \| G_2 \| \ldots \| G_n \| G_k$, where $G_k$ is the coordinator over an alphabet $E_k$, which contains all shared events; namely, $E_s \subseteq E_k$, where $E_s$ is the set of all events that are shared by two or more components, defined as

$$E_s = \bigcup_{i \neq j \in \{1, \ldots, n\}} (E_i \cap E_j).$$

This is a standard assumption in hierarchical decentralized control where the coordinator level plays a role of the high (abstracted) level of hierarchical control.

In the following theorem, we show the relation between nonblockingness of a coordinated system and conditional decomposability of that system. First, however, we need the following auxiliary lemmas.

Lemma 10 (Proposition 4.1 in [16]). Let $L \subseteq E^*$ be a language and $P_k : E^* \to E_k^*$ be a projection with $E_k \subseteq E$, for some alphabet $E$. Then, $P_k(\overline{L}) = \overline{P_k(L)}$.

Lemma 11. Let $E$ be an alphabet, $L \subseteq E^*$ be a language, and $P_k : E^* \to E_k^*$ be a projection with $E_k \subseteq E$, for some alphabet $E$. Then, $L \| P_k(L) = L$.

Proof. By definition, $L \| P_k(L) = L \cap P_k^{-1} P_k(L)$, and it is not hard to see that $L \subseteq P_k^{-1} P_k(L)$. □

Theorem 12. Let $n \ge 2$, and let $G_i$, for $i = 1, 2, \ldots, n$, be generators over the alphabets $E_i$, $i = 1, 2, \ldots, n$, respectively. Let $G_k$ be a generator over an alphabet $E_k$ such that $E_s \subseteq E_k \subseteq \bigcup_{j=1}^{n} E_j$. Then, the coordinated system $G = G_1 \| G_2 \| \ldots \| G_n \| G_k$ is nonblocking if and only if the following conditions both hold:

1. $G_i \| G_k \| (\|_{j \neq i} P_k(G_j))$, for all $i = 1, 2, \ldots, n$, are nonblocking and

2. $\overline{L_m(G)}$ is conditionally decomposable with respect to the alphabets $E_1, E_2, \ldots, E_n, E_k$.

Proof. The following always holds for all $i = 1, 2, \ldots, n$, $n \ge 2$:

$$\begin{aligned} \overline{L_m(G)} &\subseteq P_{1+k}(\overline{L_m(G)}) \| \ldots \| P_{n+k}(\overline{L_m(G)}) \\ &\subseteq P_{1+k}(L(G)) \| \ldots \| P_{n+k}(L(G)) \\ &= L(G_1 \| G_k \| P_k(G_2 \| G_3 \| \ldots \| G_n)) \\ &\quad \| \; L(G_2 \| G_k \| P_k(G_1 \| G_3 \| \ldots \| G_n)) \\ &\quad \vdots \\ &\quad \| \; L(G_n \| G_k \| P_k(G_1 \| G_2 \| \ldots \| G_{n-1})) \\ &= L(G), \end{aligned} \qquad (3)$$

where the last equation follows from the idempotent property of the parallel composition and Lemma 11. If the language $L_m(G)$ is nonblocking, then the inclusions become equalities. Thus, from the first equality, we get that the language $\overline{L_m(G)}$ is conditionally decomposable as required in item 2 of the theorem. Similarly, for all $i = 1, 2, \ldots, n$,

$$\begin{aligned} P_{i+k}(\overline{L_m(G)}) = \overline{P_{i+k}(L_m(G))} &= \overline{L_m(G_i \| G_k) \| P_{i+k}(L_m(\|_{j \neq i} G_j))} \\ &= \overline{L_m(G_i \| G_k \| P_{i+k}(\|_{j \neq i} G_j))} \\ &\subseteq \overline{L_m(G_i)} \| \overline{L_m(G_k)} \| P_{i+k}(\|_{j \neq i} \overline{L_m(G_j)}) \\ &\subseteq L(G_i) \| L(G_k) \| P_{i+k}(\|_{j \neq i} L(G_j)) \\ &= P_{i+k}(L(G)), \end{aligned}$$

where the first equality holds by Lemma 10, the second equality holds by Lemma 4 because we project to the alphabet $E_i \cup E_k$ that includes the intersection of $E_i \cup E_k$ and $\bigcup_{j \neq i} E_j$, namely $E_k$. Finally, the last equality holds by the same argument as the second equality. Hence, if the global plant is nonblocking, the inclusions become equalities, which means that the subsystems $G_i \| G_k \| P_{i+k}(\|_{j \neq i} G_j) = G_i \| G_k \| (\|_{j \neq i} P_k(G_j))$ are nonblocking.

On the other hand, from the assumptions 1 and 2 we immediately get that both inclusions in (3) are equalities. Thus, the implication holds. □



Note that Condition 2 of Theorem 12 does not hold in general because one inclusion of conditional decomposability, namely $\overline{L_m(G)} \subseteq P_{1+k}(\overline{L_m(G)}) \| P_{2+k}(\overline{L_m(G)})$, can be strict. Thus, the prefix closure of the marked language $L_m(G_1 \| G_2 \| G_k)$ of the coordinated system consisting of subsystems $G_1$ and $G_2$ and a coordinator $G_k$ is not in general conditionally decomposable with respect to alphabets $E_1$, $E_2$, $E_k$ as demonstrated in the following example.

Example 13. Consider two subsystems $G_1$ and $G_2$, and a coordinator $G_k$ as depicted in Figure 4, where the corresponding alphabets are $E_1 = \{a, b, d\}$, $E_2 = \{a, c, d\}$, and $E_k = \{a, d\}$. Then, we can consider the string $cacb$ and see that its projection $P_{1+k}(cacb) = ab$ belongs to the language $P_{1+k}(\overline{L_m(G_1 \| G_2 \| G_k)})$, and the projection $P_{2+k}(cacb) = cac$ belongs to the language $P_{2+k}(\overline{L_m(G_1 \| G_2 \| G_k)})$. However, this means that the string $cacb$ belongs to the composition $P_{1+k}(\overline{L_m(G_1 \| G_2 \| G_k)}) \| P_{2+k}(\overline{L_m(G_1 \| G_2 \| G_k)})$. On the other hand, the string $cacb$ is not a prefix of any string belonging to the marked language $L_m(G_1 \| G_2 \| G_k)$ of the coordinated system as is easily seen in Figure 4(d). Thus, the language is not conditionally decomposable with respect to alphabets $E_1$, $E_2$, $E_k$. ◇

[Figure 4: Generators $G_1$, $G_2$, $G_k$, and $G_1 \| G_2 \| G_k$. Panels: (a) Generator $G_1$; (b) Generator $G_k$; (c) Generator $G_2$; (d) Generator $G_1 \| G_2 \| G_k$.]

Note that it follows from (3) that conditional decomposability is a weaker condition than nonblockingness. This is because conditional decomposability requires only the first inclusion to be equality, while nonblockingness requires both the inclusions to be equalities. The fundamental question is whether it is possible to decide in a distributed way without computing the whole plant whether $\overline{L_m(\|_{i=1}^{n} G_i \| G_k)}$ is conditionally decomposable. The algorithm described in the previous section requires the computation of the whole plant.

A specific choice of $L_m(G_k) \subseteq \bigcap_{i=1}^{n} P_k(L_m(G_i))$, respectively $L_m(G_k) = \bigcap_{i=1}^{n} P_k(L_m(G_i))$, yields Corollaries 14 and 15 below, respectively.



Corollary 14. Let $G_1, G_2, \ldots, G_n, G_k$ be nonblocking generators over the alphabets $E_1, E_2, \ldots, E_n, E_k$, respectively, such that $E_s \subseteq E_k \subseteq \bigcup_{i=1}^{n} E_i$. Assume that $L_m(G_k) \subseteq \bigcap_{i=1}^{n} P_k(L_m(G_i))$. Then, the coordinated system $G = G_1 \| G_2 \| \ldots \| G_n \| G_k$ is nonblocking if and only if the following conditions both hold:

1. $G_i \| G_k$ are nonblocking, for all $i = 1, 2, \ldots, n$, and

2. $\overline{L_m(G)}$ is conditionally decomposable with respect to the alphabets $E_1, E_2, \ldots, E_n, E_k$.

Proof. By the assumption, $L_m(G_k) \subseteq \bigcap_i P_k(L_m(G_i))$. Applying the prefix closure to the previous inclusion results in the inclusion $L(G_k) = \overline{L_m(G_k)} \subseteq \overline{\bigcap_i P_k(L_m(G_i))} \subseteq \bigcap_i P_k(\overline{L_m(G_i)}) = \bigcap_i P_k(L(G_i)) = \|_i P_k(L(G_i))$. From this, it follows that $L(G_k) \| P_k(L(G_i)) = L(G_k)$, for $i = 1, 2, \ldots, n$, which implies that $G_i \| G_k \| \|_{j \neq i} P_k(G_j) = G_i \| G_k$. Thus, item 1 of Theorem 12 reduces to item 1 of this corollary. □
Corollary 15. Let $G_1, G_2, \ldots, G_n, G_k$ be nonblocking generators over the alphabets $E_1, E_2, \ldots, E_n, E_k$, respectively, such that $E_s \subseteq E_k \subseteq \bigcup_{i=1}^{n} E_i$, and assume that $L_m(G_k) = \bigcap_{i=1}^{n} P_k(L_m(G_i))$. Then, the coordinated system $G = \|_{i=1}^{n} G_i \| G_k$ is nonblocking if and only if the following conditions both hold:

1. $G_i \| G_k$ are nonblocking, for all $i = 1, 2, \ldots, n$, and

2. $\overline{L_m(G_1 \| G_2 \| \ldots \| G_n)}$ is conditionally decomposable with respect to alphabets $E_1, E_2, \ldots, E_n, E_k$.

Proof. The proof follows immediately from the previous corollary and the fact that $\|_i L_m(G_i) \| L_m(G_k) = \bigl(\|_i L_m(G_i)\bigr) \| \bigl(\|_i P_k(L_m(G_i))\bigr)$, which is equal to $\|_i L_m(G_i)$ by Lemma 11, which reduces item 2 of Corollary 14 to the form of item 2 of this corollary. □



The last corollary is particularly interesting because the coordinated modular discrete-event system coincides with 
the original plant and, therefore, nonblockingness of the original plant itself can be checked using the approach based 
on a coordinator, provided that we can verify item 2 in a distributed way. 

The approach discussed above is based on projections, and the only known sufficient condition ensuring that 
the projected automaton is smaller with respect to the number of states than the original one is the observer property 
mentioned below. This topic requires further investigation because the observer property is only a sufficient condition, 
not necessary; there are examples of projected automata that are smaller than original automata without the projections 
satisfying the observer property. For completeness, however, we now discuss the case of projections satisfying the 
observer property and show that it corresponds to the known results discussed in [16] and in references therein.

Finally, we mention that in practice one central coordinator is particularly useful for loosely coupled subsystems, 
where the interaction between the subsystems (via synchronisation) is not too strong. Otherwise, a general multilevel 
hierarchy approach should be adopted, where the subsystems are aggregated into groups that are only loosely coupled. 
This is, however, very technical and left for a future study. 

5.7. Observer property 

The previous results are of interest in the case the projected systems $P_k(G_i)$, for $i = 1, 2, \ldots, n$, are significantly smaller than the original systems $G_i$. So far, the only known condition ensuring this is a so-called observer property.

Definition 16 (Observer property). Let $E_k \subseteq E$ be alphabets. A projection $P_k : E^* \to E_k^*$ is an $L$-observer for a language $L \subseteq E^*$ if the following holds: for all strings $t \in P(L)$ and $s \in \overline{L}$, if $P(s)$ is a prefix of $t$, then there exists $u \in E^*$ such that $su \in L$ and $P(su) = t$.

The following lemma proves that if the projections are observers, then item 2 of the previous results can be 
eliminated because it is always satisfied. 

Lemma 17. Let $G_i$, $i = 1, 2, \ldots, n$, $n > 2$, and $G_k$ be generators over the alphabets $E_i$, $i = 1, 2, \ldots, n$, and $E_k$, respectively, such that $E_s \subseteq E_k \subseteq \bigcup_{i=1}^{n} E_i$, and denote $G = \|_i G_i \| G_k$. If the projections $P^{i+k}_{k}$ are $P_{i+k}(L_m(G))$-observers, for $i = 1, 2, \ldots, n$, then the language $\overline{L_m(G)}$ is conditionally decomposable with respect to $E_i$, $i = 1, 2, \ldots, n$, and $E_k$.

Proof. By Lemma 10 showing the first equality, it holds in general that

$$
\begin{aligned}
\|_{i=1}^{n} P_{i+k}(\overline{L_m(G)}) &= \|_{i=1}^{n} \overline{P_{i+k}(L_m(G))} \supseteq \overline{\|_{i=1}^{n} P_{i+k}(L_m(G))} \\
&= \overline{L_m\bigl(G_k \| \|_{i=1}^{n} G_i \| \|_{i=1}^{n} P_k(G_i)\bigr)} \\
&= \overline{L_m(G)}.
\end{aligned}
\tag{4}
$$

The last equality follows from the commutativity of the synchronous product and Lemma 11. By [24], it holds that $\|_{i=1}^{n} P_{i+k}(\overline{L_m(G)}) = \overline{\|_{i=1}^{n} P_{i+k}(L_m(G))}$ if and only if $\|_{i=1}^{n} P_k(\overline{L_m(G)}) = \overline{\|_{i=1}^{n} P_k(L_m(G))}$, and the latter equality is obviously satisfied. Thus, the former equality implies by (4) that the language $\overline{L_m(G)}$ is conditionally decomposable with respect to alphabets $E_1$, $E_2$, $E_k$, which was to be shown. □
As mentioned in the previous proof, when we consider all the assumptions, Feng [16] (see also the references therein) has shown that if the projection $P_k$ is an observer for $L_1$ and $L_2$, then $L_1 \| L_2$ is nonconflicting if and only if $P_k(L_1) \| P_k(L_2)$ is nonconflicting. This is generalized to arbitrary components in [24]. Note that using this property on item 1 of Corollary 15 together with the previous lemma and the fact that the observers preserve parallel composition, [24], results in the following corollary, which generalizes the results shown in [16] for two components.



Corollary 18. Let $G_i$, $i = 1, 2, \ldots, n$, $n > 2$, and $G_k$ be nonblocking generators over the alphabets $E_i$, $i = 1, 2, \ldots, n$, and $E_k$, respectively, such that $E_s \subseteq E_k \subseteq \bigcup_i E_i$, and assume that $L_m(G_k) = \bigcap_i P_k(L_m(G_i))$ and $L(G_k) = \bigcap_i P_k(L(G_i))$. Assume that the projections $P^{i}_{k}$ are $L_m(G_i)$-observers, for $i = 1, 2, \ldots, n$. Then, the coordinated system $\|_i G_i \| G_k$ is nonblocking if and only if $G_k$ is nonblocking.

This works because the projection is an observer. However, there are languages which are conditionally decomposable, but the projections from Lemma 17 are not observers. For instance, consider a language $L = \{ba, cdb, dcb\}$. It can be verified that $L$ is conditionally decomposable with respect to the alphabets $E_1 = \{a, b, c\}$, $E_2 = \{a, b, d\}$, and $E_k = \{a, b\}$, and that the projections $P^{i+k}_{k}$ are not $P_{i+k}(L)$-observers, for $i = 1, 2$. Note that $P_{1+k}(L) = \{ba, cb\}$ and $P_{2+k}(L) = \{ba, db\}$. Then, for $t = b$ and $s = cb$ (for $i = 1$, or $s = db$ for $i = 2$), there is no extension of $cb$ such that $P_{1+k}(cb) = ba$. Hence, the projections are not observers. For that reason, we consider in this paper a more general assumption that the projections are such that the projected generators are smaller than the original generators. Note that the conditions under which this is true still need to be investigated. Finally, note that for the verification whether the subsystems $G_i \| G_k \| \|_{j \neq i} P_k(G_j)$ are nonblocking, the methods presented in [25, 26] can be used, combined with further usage of Binary Decision Diagrams [27] or state-tree structures [28] to perform the calculations.
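The two claims made about the finite language in the paragraph above can be checked mechanically. The following Python sketch is an added example, not code from the paper: it tests conditional decomposability as $L = P_{1+k}(L) \| P_{2+k}(L)$ and lists the pairs $(t, s)$ that violate Definition 16, with $s$ ranging over the prefix closure. All function names are assumptions, events are single characters, and the third word of $L$ is taken as dcb, the reading consistent with the stated projections.

```python
from itertools import product

def project(word, alphabet):
    """Natural projection: erase every event that is not in `alphabet`."""
    return "".join(e for e in word if e in alphabet)

def sync(u, v, a1, a2):
    """Synchronous product of word u (over a1) with word v (over a2)."""
    if not u and not v:
        return {""}
    out = set()
    if u and u[0] not in a2:             # private event of the first word
        out |= {u[0] + w for w in sync(u[1:], v, a1, a2)}
    if v and v[0] not in a1:             # private event of the second word
        out |= {v[0] + w for w in sync(u, v[1:], a1, a2)}
    if u and v and u[0] == v[0]:         # shared event: both words advance
        out |= {u[0] + w for w in sync(u[1:], v[1:], a1, a2)}
    return out

def parallel(l1, a1, l2, a2):
    """Synchronous product of two finite languages."""
    return set().union(*(sync(u, v, a1, a2) for u, v in product(l1, l2)))

def conditionally_decomposable(lang, e1, e2, ek):
    """Check L = P_{1+k}(L) || P_{2+k}(L) for a finite language L."""
    a1, a2 = e1 | ek, e2 | ek
    p1 = {project(w, a1) for w in lang}
    p2 = {project(w, a2) for w in lang}
    return parallel(p1, a1, p2, a2) == set(lang)

def observer_violations(lang, ek):
    """Pairs (t, s) with P(s) a prefix of t but no u with su in L, P(su) = t."""
    closure = {w[:i] for w in lang for i in range(len(w) + 1)}
    bad = []
    for t in sorted({project(w, ek) for w in lang}):
        for s in sorted(closure):
            if t.startswith(project(s, ek)) and not any(
                    w.startswith(s) and project(w, ek) == t for w in lang):
                bad.append((t, s))
    return bad

# Language and alphabets from the paragraph above (third word read as "dcb").
L = {"ba", "cdb", "dcb"}
E1, E2, EK = set("abc"), set("abd"), set("ab")
P1 = {project(w, E1 | EK) for w in L}    # {"ba", "cb"}
P2 = {project(w, E2 | EK) for w in L}    # {"ba", "db"}
if __name__ == "__main__":
    print(conditionally_decomposable(L, E1, E2, EK))
    print(observer_violations(P1, EK), observer_violations(P2, EK))
```

A non-empty list from `observer_violations` means the projection onto $E_k$ is not an observer for that language, even though the decomposability check on $L$ succeeds.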



6. Conclusion 

The main contributions of this paper are polynomial-time algorithms for the verification whether a language is conditionally decomposable and for an extension of the coordinator alphabet $E_k$. Our approach to extend the alphabet $E_k$ is based on the successive addition of events to the alphabet $E_k$. Another approach has recently been discussed in [29], where the problematic transitions are identified, and the events of these transitions are renamed. From the viewpoint of applications, however, our approach can directly be used in coordination control for which it has primarily been developed. On the other hand, the approach from [29] has so far no direct applications in the coordination control framework, which is under investigation. Nevertheless, the algorithms presented here can also be used for the approach presented in [29].

Particularly valuable is the property that the algorithm for checking conditional decomposability of a language with respect to alphabets is linear in the number of alphabets (that corresponds to local controllers in coordination control). No such results are known for co-observability (the notion playing a central role in decentralized control) and the related property of decomposability. It is well-known that co-observability is equivalent to decomposability under some reasonable assumptions on locally controllable and locally observable alphabets. Since conditional decomposability can be seen as decomposability with respect to particular alphabets (enriched by the coordinator events), it appears that our results about conditional decomposability will have impact on decentralized control with communicating supervisors. Indeed, co-observability is ensured by special types of communication (which corresponds to enriching the sets of locally observable events such that a specification language becomes co-observable) in a similar way as decomposability is imposed by enriching the alphabets of local supervisors.

The paper also compares the property of conditional decomposability to nonblockingness of a coordinated system. 
The current low complexity tests of practical interest are based on the observer property because it is the only known 
condition ensuring that the projected generator is smaller than the original one. However, this is only a sufficient 
condition and further investigation is needed. It is our plan to further investigate the construction procedures for 
designing coordinators for nonblockingness that are as small as possible and we will combine these results with those 
obtained in coordination control for safety so that both nonblockingness and safety issues can be efficiently handled 
using coordination control. 